Nuxt.js + Laravel 在同一台服务器上 nginx
Nuxt.js + Laravel on same server nginx
我想在我的 DigitalOcean 服务器 (Ubuntu 18.04) 上部署 nuxt + laravel 项目。我已经在上面配置了域名和SSL证书。我正在寻找 nginx 的正确配置以在同一台服务器上为客户端和 API 提供服务。
我给客户端配置了代理,可惜API不可用
# Redirect http to https
server {
listen 80;
listen [::]:80 ipv6only=on default_server;
server_name MY_DOMAIN_NAME;
return 302 https://$server_name$request_uri;
}
# SSL configs
server {
listen 443 ssl http2;
ssl_certificate /etc/nginx/fullchain.pem;
ssl_certificate_key /etc/nginx/MY_DOMAIN_NAME.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers ECDH+AESGCM:ECDH+AES256:ECDH+AES128:DH+3DES:!ADH:!AECDH:!MD5;
# Use our own DH params
ssl_dhparam /etc/nginx/dhparam.pem;
ssl_session_cache shared:SSL:40m;
ssl_session_timeout 4h;
ssl_session_tickets on;
server_name MY_DOMAIN_NAME;
root /var/www/MY_LARAVEL_APP_FOLDER/public;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
index index.html index.htm index.php;
charset utf-8;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
error_page 404 /index.php;
location ~ \.php$ {
fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
include fastcgi_params;
}
location ~ \.css {
add_header Content-Type text/css;
}
location ~ \.js {
add_header Content-Type application/x-javascript;
}
#client
location / {
expires $expires;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_redirect off;
proxy_read_timeout 1m;
proxy_connect_timeout 1m;
proxy_pass http://127.0.0.1:3000; # set the adress of the Node.js
}
location ~ /\.(?!well-known).* {
deny all;
}
}
我试过这段代码,nginx 说重复位置/(合乎逻辑)。请帮助我 :) 为 API 和客户端设置服务器或不使用代理的正确方法是什么?
你的 nginx.conf
有问题你不能声明两个位置相同的块,在你的情况下是 /
。
更好的方法是使用虚拟主机使用两个服务器块
- example.com(主域)
- api.example.com(API 子域)
example.conf
# Redirect http to https
server {
listen 80;
listen [::]:80 ipv6only=on default_server;
server_name example.com;
return 302 https://$server_name$request_uri;
}
# SSL configs
server {
listen 443 ssl http2;
ssl_certificate /etc/nginx/fullchain.pem;
ssl_certificate_key /etc/nginx/MY_DOMAIN_NAME.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers ECDH+AESGCM:ECDH+AES256:ECDH+AES128:DH+3DES:!ADH:!AECDH:!MD5;
# Use our own DH params
ssl_dhparam /etc/nginx/dhparam.pem;
ssl_session_cache shared:SSL:40m;
ssl_session_timeout 4h;
ssl_session_tickets on;
server_name example.com;
root /var/www/MY_LARAVEL_APP_FOLDER/public;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
index index.html index.htm index.php;
charset utf-8;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
error_page 404 /index.php;
location ~ \.php$ {
fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
include fastcgi_params;
}
location ~ \.css {
add_header Content-Type text/css;
}
location ~ \.js {
add_header Content-Type application/x-javascript;
}
location ~ /\.(?!well-known).* {
deny all;
}
}
和 API api.example.conf
# Redirect http to https
server {
listen 80;
listen [::]:80 ipv6only=on default_server;
server_name api.example.com;
return 302 https://$server_name$request_uri;
}
# SSL configs
server {
listen 443 ssl http2;
ssl_certificate /etc/nginx/fullchain.pem;
ssl_certificate_key /etc/nginx/MY_DOMAIN_NAME.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers ECDH+AESGCM:ECDH+AES256:ECDH+AES128:DH+3DES:!ADH:!AECDH:!MD5;
# Use our own DH params
ssl_dhparam /etc/nginx/dhparam.pem;
ssl_session_cache shared:SSL:40m;
ssl_session_timeout 4h;
ssl_session_tickets on;
server_name api.example.com;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
charset utf-8;
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
error_page 404 /index.php;
location ~ \.css {
add_header Content-Type text/css;
}
location ~ \.js {
add_header Content-Type application/x-javascript;
}
#client
location / {
expires $expires;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_redirect off;
proxy_read_timeout 1m;
proxy_connect_timeout 1m;
proxy_pass http://127.0.0.1:3000; # set the adress of the Node.js
}
location ~ /\.(?!well-known).* {
deny all;
}
}
对于那些仍在寻找使用 Nuxt 和 Laravel 而不使用子域的人,您可以看看 here.
我已经粘贴了下面文章中显示的配置(以防 link 出现故障):
map_hash_max_size 262144;
map_hash_bucket_size 262144;
map $sent_http_content_type $expires {
"text/html" epoch;
"text/html; charset=utf-8" epoch;
default off;
}
server {
listen 80;
listen 443 ssl;
server_name dev.domain.tld;
root "/path/to/laravel/public";
index index.php;
# Access Restrictions
allow 127.0.0.1;
deny all;
location /api {
try_files $uri $uri/ /index.php$is_args$args;
}
location / {
try_files $uri $uri/ @proxy;
autoindex on;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass php_upstream;
#fastcgi_pass unix:/run/php/php7.0-fpm.sock;
}
# Enable SSL
ssl_certificate "C:/etc/ssl/mycert.crt";
ssl_certificate_key "C:/etc/ssl/mycert.key";
ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP;
ssl_prefer_server_ciphers on;
charset utf-8;
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
location ~ /\.ht {
deny all;
}
location @proxy {
expires $expires;
add_header Content-Security-Policy "default-src 'self' 'unsafe-inline';";
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-Cache-Status $upstream_cache_status;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_ignore_headers Cache-Control;
proxy_http_version 1.1;
proxy_read_timeout 1m;
proxy_connect_timeout 1m;
proxy_pass http://127.0.0.1:3000; # set the adress of the Node.js instance here
#proxy_cache nuxt-cache;
proxy_cache_bypass $arg_nocache; # probably better to change this
proxy_cache_valid 200 302 60m; # set this to your needs
proxy_cache_valid 404 1m; # set this to your needs
proxy_cache_lock on;
proxy_cache_use_stale error timeout http_500 http_502 http_503 http_504;
proxy_cache_key $uri$is_args$args;
#proxy_cache_purge PURGE from 127.0.0.1;
}
}
我想在我的 DigitalOcean 服务器 (Ubuntu 18.04) 上部署 nuxt + laravel 项目。我已经在上面配置了域名和SSL证书。我正在寻找 nginx 的正确配置以在同一台服务器上为客户端和 API 提供服务。
我给客户端配置了代理,可惜API不可用
# Redirect http to https
server {
listen 80;
listen [::]:80 ipv6only=on default_server;
server_name MY_DOMAIN_NAME;
return 302 https://$server_name$request_uri;
}
# SSL configs
server {
listen 443 ssl http2;
ssl_certificate /etc/nginx/fullchain.pem;
ssl_certificate_key /etc/nginx/MY_DOMAIN_NAME.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers ECDH+AESGCM:ECDH+AES256:ECDH+AES128:DH+3DES:!ADH:!AECDH:!MD5;
# Use our own DH params
ssl_dhparam /etc/nginx/dhparam.pem;
ssl_session_cache shared:SSL:40m;
ssl_session_timeout 4h;
ssl_session_tickets on;
server_name MY_DOMAIN_NAME;
root /var/www/MY_LARAVEL_APP_FOLDER/public;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
index index.html index.htm index.php;
charset utf-8;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
error_page 404 /index.php;
location ~ \.php$ {
fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
include fastcgi_params;
}
location ~ \.css {
add_header Content-Type text/css;
}
location ~ \.js {
add_header Content-Type application/x-javascript;
}
#client
location / {
expires $expires;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_redirect off;
proxy_read_timeout 1m;
proxy_connect_timeout 1m;
proxy_pass http://127.0.0.1:3000; # set the adress of the Node.js
}
location ~ /\.(?!well-known).* {
deny all;
}
}
我试过这段代码,nginx 说重复位置/(合乎逻辑)。请帮助我 :) 为 API 和客户端设置服务器或不使用代理的正确方法是什么?
你的 nginx.conf
有问题你不能声明两个位置相同的块,在你的情况下是 /
。
更好的方法是使用虚拟主机使用两个服务器块
- example.com(主域)
- api.example.com(API 子域)
example.conf
# Redirect http to https
server {
listen 80;
listen [::]:80 ipv6only=on default_server;
server_name example.com;
return 302 https://$server_name$request_uri;
}
# SSL configs
server {
listen 443 ssl http2;
ssl_certificate /etc/nginx/fullchain.pem;
ssl_certificate_key /etc/nginx/MY_DOMAIN_NAME.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers ECDH+AESGCM:ECDH+AES256:ECDH+AES128:DH+3DES:!ADH:!AECDH:!MD5;
# Use our own DH params
ssl_dhparam /etc/nginx/dhparam.pem;
ssl_session_cache shared:SSL:40m;
ssl_session_timeout 4h;
ssl_session_tickets on;
server_name example.com;
root /var/www/MY_LARAVEL_APP_FOLDER/public;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
index index.html index.htm index.php;
charset utf-8;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
error_page 404 /index.php;
location ~ \.php$ {
fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
include fastcgi_params;
}
location ~ \.css {
add_header Content-Type text/css;
}
location ~ \.js {
add_header Content-Type application/x-javascript;
}
location ~ /\.(?!well-known).* {
deny all;
}
}
和 API api.example.conf
# Redirect http to https
server {
listen 80;
listen [::]:80 ipv6only=on default_server;
server_name api.example.com;
return 302 https://$server_name$request_uri;
}
# SSL configs
server {
listen 443 ssl http2;
ssl_certificate /etc/nginx/fullchain.pem;
ssl_certificate_key /etc/nginx/MY_DOMAIN_NAME.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers ECDH+AESGCM:ECDH+AES256:ECDH+AES128:DH+3DES:!ADH:!AECDH:!MD5;
# Use our own DH params
ssl_dhparam /etc/nginx/dhparam.pem;
ssl_session_cache shared:SSL:40m;
ssl_session_timeout 4h;
ssl_session_tickets on;
server_name api.example.com;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
charset utf-8;
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
error_page 404 /index.php;
location ~ \.css {
add_header Content-Type text/css;
}
location ~ \.js {
add_header Content-Type application/x-javascript;
}
#client
location / {
expires $expires;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_redirect off;
proxy_read_timeout 1m;
proxy_connect_timeout 1m;
proxy_pass http://127.0.0.1:3000; # set the adress of the Node.js
}
location ~ /\.(?!well-known).* {
deny all;
}
}
对于那些仍在寻找使用 Nuxt 和 Laravel 而不使用子域的人,您可以看看 here.
我已经粘贴了下面文章中显示的配置(以防 link 出现故障):
map_hash_max_size 262144;
map_hash_bucket_size 262144;
map $sent_http_content_type $expires {
"text/html" epoch;
"text/html; charset=utf-8" epoch;
default off;
}
server {
listen 80;
listen 443 ssl;
server_name dev.domain.tld;
root "/path/to/laravel/public";
index index.php;
# Access Restrictions
allow 127.0.0.1;
deny all;
location /api {
try_files $uri $uri/ /index.php$is_args$args;
}
location / {
try_files $uri $uri/ @proxy;
autoindex on;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass php_upstream;
#fastcgi_pass unix:/run/php/php7.0-fpm.sock;
}
# Enable SSL
ssl_certificate "C:/etc/ssl/mycert.crt";
ssl_certificate_key "C:/etc/ssl/mycert.key";
ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP;
ssl_prefer_server_ciphers on;
charset utf-8;
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
location ~ /\.ht {
deny all;
}
location @proxy {
expires $expires;
add_header Content-Security-Policy "default-src 'self' 'unsafe-inline';";
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-Cache-Status $upstream_cache_status;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_ignore_headers Cache-Control;
proxy_http_version 1.1;
proxy_read_timeout 1m;
proxy_connect_timeout 1m;
proxy_pass http://127.0.0.1:3000; # set the adress of the Node.js instance here
#proxy_cache nuxt-cache;
proxy_cache_bypass $arg_nocache; # probably better to change this
proxy_cache_valid 200 302 60m; # set this to your needs
proxy_cache_valid 404 1m; # set this to your needs
proxy_cache_lock on;
proxy_cache_use_stale error timeout http_500 http_502 http_503 http_504;
proxy_cache_key $uri$is_args$args;
#proxy_cache_purge PURGE from 127.0.0.1;
}
}